I've had much success with VLANing the affected systems off from the rest of
the network and deploying some kind of local "cleanup" machine that's hardened
to work on the remediation process.
From: [email protected]
[mailto:[email protected]] On Behalf Of Tyler Robinson
Sent: Thursday, September 02, 2010 10:28 AM
To: PaulDotCom Security Weekly Mailing List
Subject: [Pauldotcom] LAN Virus outbreak Procedures
Hey everyone, just wondering what kinds of procedures you are using to prevent
and stop virus outbreaks on your local network after some genius end user
investigates child porn on local network PCs. Do most of you use Microsoft's
firewall with GP and just open exceptions for the applications that need it, or
run another piece of software? I have a massive infection that I cannot track
down. Our ESET is catching them, but my network is nothing but trojan packets. We
were not running an internal firewall (previous admin setup), without hardened
systems. So do I start hardening systems first and then do a GP with firewall,
or does anyone have any better suggestions: first to get my network back and
clean the infection, second to set up the correct way so there is no next
time? As always, thanks so much to the PDC community, you guys are the best.
TR
--
Tyler Robinson
Owner of Computer Impressions